DFIR Analyst with Security Clearance

HRUCKUS, 145000.00 USD per annum

2024-09-20 14:46:51

Job location Washington, District of Columbia, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Executive Summary: HRUCKUS seeks a mid-level Digital Forensic Incident Response (DFIR) Analyst to support an exciting information operations, intelligence analysis, and cybersecurity requirement.

Position Description: The DFIR Analyst is responsible for preventing the escalation of severe security threats and providing reports to the security team. This position utilizes tools to minimize the effects of a security breach on the computer network and performs an analysis to ensure that computer networks are clear of threats.

Roles and Responsibilities:
• Conduct a full range of advanced professional duties required to monitor network activity, document and report on information security issues and emerging trends
• Provide threat and vulnerability analysis
• Monitor endpoint protection/detection for anomalies using designated escalation paths for remediation
• Review and monitor Security Information and Event Management (SIEM) log data for unauthorized access and initiate investigations if necessary
• Perform malware threat hunting using industry-leading products and applications
• Participate in developing security strategies

In addition, the DFIR Analyst shall:
• Perform against established operational rhythm, expectations, and standards for the Security Operations Center (SOC) DFIR line of effort
• Be part of the 24x7 operations of the FBI ESOC
• Perform advanced incident handling responsibilities with a direct interface with the ESOC management team
• Identify areas of improvement for SOC processes and tools to enhance the mission

Basic Qualifications:
• MUST BE A US CITIZEN
• Bachelor's degree
• An active Top Secret clearance (with eligibility to obtain SCI and pass CI Poly)
• 5+ years of experience with crisis management, incident response, strategic communications, or risk management
• 5+ years of experience in supporting the facilitation of trainings or briefing sessions
• Adept knowledge of cybersecurity and incident response principles, crisis management, and emergency management principles
• Ability to leverage available learning resources, both internal and external
• Experience with advanced Microsoft Office products
• Ability to work within a highly collaborative, fast-paced, dynamic environment
• Possession of excellent verbal and written communication skills
• Possession of excellent interpersonal skills, including client management skills
• Strong IR and digital forensics experience and cloud experience are preferred

Additional Qualifications:
The ideal candidate will have experience with four or more of the items below:
• Splunk Search Processing Language (SPL)
• Microsoft Defender for Endpoint (MDE)
• Microsoft Azure Sentinel
• Kusto Query Language (KQL)
• Linux Bash
• PowerShell/CMD
• Networking - intermediate level knowledge of computer networking
• Type 2 Hypervisor software such as VMware Workstation Pro, VirtualBox, Hyper-V
• Comfortable using various distributions of Linux

Salary Information:
The target salary for this position is $125,000-$145,000 annually.

Employee Benefits:
Competitive salary for well-qualified applicants
401(k) plan
Annual performance bonus
Certification and advanced degree attainment bonuses
Student Loan / Tuition reimbursement
Health Care Insurance (medical, dental, vision)
Up to four weeks of paid vacation
11 Federal Holidays and 3 Floating Holidays
Team bonding events

Location and Work Set-Up:
100% onsite role at Washington, DC
